Firebase url and token

Hey dear member I have used airtable to add firebase token and url, also used obfuscated text, but its still showing my token and url in apk editer check below any give me any solution thanks.

Try encrypting the API with AES 128, or other method.

Doesn’t work anything.

Why?

Apk editor extract Firebase details from google-services.json file which you upload in your app assets.

How to Secure Firebase Details

  1. When you use firebase authentication in your app then don’t use Real-time database from same firebase project.
  2. Create a seperate firebase project for real-time database and use it.
  3. Apk editor only show details of firebase project which is associated with authentication/json file.
  4. That means your other firebase details are safe and can be secured by using different methods.

Methods:

  1. Use obfuscated text block.
  2. Encryption Methods
  3. Simple logic : Store your firebase URL in a variable with some extra charectors for example. If main firebase URL is https://test-876.firebaseio.com then you can store https://test-85756.firebaseio.com

Whenever you use it then remove extra charectors by replacing them with empty string.

Same for API Key/Token.

  1. Simply Secure your firebase Rules then no need to worry about exposed firebase details.

To know more about securing firebase rules:

4 Likes